Follow

08/15/17: PHPMyAdmin PMA_ArrayWalkRecursive/PMA_GPC_Extract Function DOS | Security Bulletin

Threat Summary

Overview

There is a denial of service vulnerability in PHPMyAdmin. The vulnerability is caused by a lack of limits on recursion on arrays provided via user input. An attacker can cause a denial of service condition by passing an array of many dimensions to the server.

Exploitation

Stages

  1. A remote unauthenticated attacker launches a request with a high volume of arrays in the client body.
  2. There is no response from the server as the application has crashed.

Prerequisites

The attacker must be able to contact the target system.

Vulnerability Description

In this denial of service vulnerability in PHPMyAdmin, an attacker can cause a denial of service condition by passing an array of many dimensions to the server. This will affect the availability of data on the server. The vulnerability can be located in the file grab_globals.lib.php or common.lib.php depending on the version.

Alert Logic Coverage

Alert Logic® has evaluated its customer base for exposure to the exploit and has developed signatures for mitigating the threat depending on the security service in place. 

The Network-Based Intrusion Detection System (IDS) has been updated with the new signatures for this exploit when detected via Alert Logic Threat Manager™. If this signature is detected, an incident is generated in the Alert Logic console.

Recommendations for Mitigation

In later versions of PHPmyadmin, the function in grab_globals.lib.php has been deprecated. The developers have added a recursive counter variable to ensure that recursion is limited.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.